XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

Suggest an Idea...

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. XG-Firewall: Allow Changing HA-monitored Interfaces without breaking HA

    Allow Changing HA-monitored Interfaces without breaking HA like in UTM/SG - OS possible.
    Why is there the need to break HA if only a change or modification on a productive plant ist planned, that schould be online 24x7? That´s why HA is implemeted!!

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  2. Allow One-time Password creation when Logging into Admin portal

    When using One-time password for Administrator accounts, at this moment in time you need to turn on OTP for the administrator, head over to the User Portal and log in as the user. This will present the user with the QR code to scan and add to their authentication application.

    However, in our instance we only want Administrators to use OTP - so when logging into the Admin Portal this creates a OTP token however does not present a QR code to the Administrator, it will create a OTP Token for the user though and then just fail the login.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  3. MAC list in single window to Spoof protection option

    Currently customer is using Cyberoam CR-50iNG. He is using Spoof Protection feature and added 310+ Trusted MAC, all MAC address showing in single window and customer manage it very easily.

    But in SFOS, when customer is adding 310+ MAC then in single window it is showing only 10 numbers of MAC in one page. So customer wants same feature of Cyberoam in XG also as it is 31 pages in SFOS and there is also no option of filter
    or search is coming. So it is very tedious job for customer to manage spoof protection.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  4. VLAN priority on WAN with tagged in the XG

    Hi Sophos team, Huawei ISP for example ask to tagging Vlan on Wan in DHCP mode to provide full bandwith, Could you implement this option?
    Few competitive Firewall as Draytek do it.

    Thanks you.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  5. Option to select which page to load after logon

    The control center page which appears upon logon with the graphs, stats, and sfos update popups can take a very long time to load on lower end hardware such as xg105's. Working with 50 of these becomes time consuming. A configurable setting to select which page is the default after logon such as Administration, Firewall, Network would be helpful for those of us who don't need the control center every time.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  6. Persistent DHCP Leases on unexpected power off / power loss

    On unexpected power loss or shutdown, when the XG Firewall powers back on, it is unaware of any previously leased DHCP IP addresses. Because of this, the XG Firewall leases out already in use IP addresses, causing conflicts, until either the original lease on the device expires or unless the device is smart enough to recognize this and ask for a new IP address. This can cause significant connectivity issues on large network segments with DHCP enabled.

    Other *nix distributions handle this by writing a temp file containing active leases each time an address is handed out so that the…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  7. Local Admin UI shows different config than Sophos Central

    When the XG is configured via Sophos Central the local admin UI:

    1) No longer shows the actual configuration of the unit - only the old config from the time administration was switched to SC.

    2) The local admin UI still allows configuration changes to be made. However, these changes are not applied to the unit. There is no warning about this either.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  8. Add notifications

    Hello,
    Please add more notifications to sophos xg firewall like RED fails, system restart, and other options that was available in SG
    Thank You

    15 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  9. Cycle Surfing quota: Per session

    Now the minimum cycle is a day. If you can enhanced this to per login session, this would be great.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  10. firmware update without service interruption

    firmware update in High Availability (HA) mode should be possible without service interruption

    15 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  11. office 365 mail Notification

    Why does not 17.5 is not supporting the office 365 mail notification. Need to allow the feature in the XG firewall,.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  12. Change front lcd display text

    It would be great to change the front LCD display text using Advanced Shell.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  13. Federico Poni

    It would be useful to be able to set the number of simultaneous logins for guest users during bulk creation, or to set up simultaneous logins in the guest user creation template

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  14. Firewall Rule backup wan Server all connections over primary

    Add the option for Action on Failback on the Firewall Rule itself when using the Primary WAN and Backup WAN options.
    We have situations where we have a Voice Firewall rule that is for the customers Hosted phones system. We offer the ability to have failover WAN on the system(phone and firewall). In cases due to poor ISP quality the backup WAN (on the voice rule) is not ideal for VOIP and has issues like echo, Dropped packets and so on.
    In a failover event we are able to have there phones starting using the backup connection however when it…

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  15. Dear Sophos Team, Please upgrade Sophos XG firewall with feature individual Userwise policy. Thanks

    Dear Sophos Team, Please upgrade Sophos XG firewall with feature individual Userwise policy. Thanks

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  16. Complete

    Create complete(!) backups. There are many things missing in the Backup i.e. SPX-Text Mail-Qarantine.

    There are also Bugs in Backup. When restoring a full backup some Groups and Hosts getting new Names (like old Name was: 'group' new name was 'group_123'

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  17. Change services attached to rule

    There should be no reason to not be able to change a service that's applied to a rule (like a port change within the service) while it's attached to a rule.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  18. host

    Ability to use IP Host name (Console --> System --> Hosts and services) when creating an IP List (Console --> System --> Hosts and services --> IP Host --> IP List) . I would like to define the name/IP once, and when I change the IP for that name, all instances in IP Hosts, Rules, Routes, etc... are changed.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  19. Apply multiple rule changes all at once

    Allow for the ability to make multiple changes across the firewall and perform a one time commit of all the changes.
    Benefits:
    1) Ability to make linked changes ie make an interface change along with associated rules or service changes
    2) Improved UI performance as you don't have to wait for each change to be applied before the next action can be performed
    3) Allow for rule/changes reviews and correct errors before applying
    4) Allow for a rollback timeout implementation eg make changes, commit and then confirm within xx minutes, if not rollback to previous config in case of getting…

    6 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  20. Please has all Public IP vs Internal IP NAT IP information in tabular format,

    Hi Team- could you please has all Public IP vs Internal IP NAT IP information in tabular format,every time i would need to check every NAT/Business rule .

    This is frustrating and time consuming process and has chances of wrong assessment.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Base System + General UI  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.